
There’s no doubt you know your network better than anyone else. The real question is, do you know whether you’ve checked for all relevant security flaws on all of your critical systems? Odds are you haven’t, but that’s okay to an extent. No one has that kind of time or expertise if they’re going to complete the other work necessary to keep the shop running.

In the interest of making some headway in this area and keeping your network security risks to a minimum, here are some things you want to make sure you’re looking for:

Physical security systems (e.g. IP cameras, door access control systems, and parking lot gates), especially their telnet and web interfaces, which are usually running default settings and wide open to attack.

Third-party software patches, namely for Java and the various Adobe products (something that requires authenticated scanning for proper testing).

Network shares that anyone who is authenticated to the Windows domain can access and, specifically, the personally identifiable information (PII) and intellectual property that’s stored on them, unprotected.

Printers and copiers with web interfaces and job management features enabled that should not be accessible to everyone on the network.

Anonymous FTP servers that house sensitive information, often intellectual property such as source code, and that are wide open to internal users and sometimes even the Internet as a whole.

Voice over IP systems – at least test for flaws on a cross-section of phones and the call manager server.

Hot Ethernet jacks that anyone can plug into and do what they want on the network (and never be detected).

Firewalls, especially your rulebases. Similar to performing a source code analysis on a web application, an in-depth firewall rulebase analysis can provide a ton of insight that you’d otherwise never have.
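One way to start the firewall rulebase analysis from the last item, as an added example that is not part of the original article: it flags any-any permits, permits for the cleartext services named in this list (telnet, FTP), and rules that an earlier rule fully covers. The rule format, rule names, and addresses are constructed for illustration, and all rules are assumed to be IPv4 TCP and evaluated top-down, first match wins.

```python
import ipaddress

# Constructed sample rulebase in a simplified, vendor-neutral format (assumption):
# (name, action, source CIDR, destination CIDR, destination port or "any")
RULES = [
    ("r1", "permit", "10.0.0.0/8", "10.20.0.0/16", "443"),
    ("r2", "permit", "0.0.0.0/0", "10.20.5.0/24", "23"),
    ("r3", "deny", "10.1.0.0/16", "10.20.0.0/16", "443"),
    ("r4", "permit", "0.0.0.0/0", "0.0.0.0/0", "any"),
    ("r5", "permit", "10.9.0.0/16", "10.30.0.0/24", "21"),
]

CLEARTEXT_PORTS = {"21": "ftp", "23": "telnet"}


def _net(cidr):
    return ipaddress.ip_network(cidr)


def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    return (_net(b[2]).subnet_of(_net(a[2]))
            and _net(b[3]).subnet_of(_net(a[3]))
            and a[4] in ("any", b[4]))


def audit(rules):
    """Return (rule name, finding) pairs in rulebase order."""
    findings = []
    for i, rule in enumerate(rules):
        name, action, src, dst, port = rule
        if action == "permit":
            if _net(src).prefixlen == 0 and _net(dst).prefixlen == 0 and port == "any":
                findings.append((name, "any-any permit"))
            if port in CLEARTEXT_PORTS:
                findings.append((name, "permits cleartext " + CLEARTEXT_PORTS[port]))
        # First match wins, so a rule fully covered by an earlier one is never hit.
        for earlier in rules[:i]:
            if covers(earlier, rule):
                kind = "redundant" if earlier[1] == action else "shadowed"
                findings.append((name, f"{kind}: fully covered by earlier rule {earlier[0]}"))
                break
    return findings


if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
```

A shadowed rule (conflicting action) deserves attention first, since it means the rulebase does not enforce what its author intended.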

I’m not advocating ferreting out every single flaw on every single system on your network. You might be able to accomplish that at some point, but at what cost to the business? You need to be smart with your focus and look where it counts. This includes not only production systems but also your development, QA, and staging network hosts – especially when they house production test data (and I’ve found that most do).

Put your criminal hacker hat on

Pretend you have a fresh start and view your network with an unbiased set of eyes. Literally walk in off the street and ask yourself:

What’s obvious?

What’s most easily accessible?

Which systems and business processes, when combined together, can lead to ill-gotten gains?

What, if exploited, could be most detrimental to our business?

You’ll likely be surprised by what you uncover. Don’t be afraid to find out what’s lurking in the unexplored areas of your network. Instead, be proud knowing that you’re seeking out and are hopefully the first to find key business risks that may have gone overlooked otherwise.